[PATCH nft] src: add -p to print layer 4 protocol numerically

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

We keep printing layer 4 protocols as literals since we do not use
/etc/protocols. Add -p option to print layer 4 protocols numerically.

Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
 include/nftables.h             | 5 +++++
 include/nftables/libnftables.h | 1 +
 src/datatype.c                 | 2 +-
 src/main.c                     | 6 +++++-
 4 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/include/nftables.h b/include/nftables.h
index 57203dfcce3f..4301b4147dda 100644
--- a/include/nftables.h
+++ b/include/nftables.h
@@ -77,6 +77,11 @@ static inline bool nft_output_guid(const struct output_ctx *octx)
 	return octx->flags & NFT_CTX_OUTPUT_GUID;
 }
 
+static inline bool nft_output_numeric_protocol(const struct output_ctx *octx)
+{
+	return octx->flags & NFT_CTX_OUTPUT_NUMERIC_PROTOCOL;
+}
+
 struct nft_cache {
 	uint16_t		genid;
 	struct list_head	list;
diff --git a/include/nftables/libnftables.h b/include/nftables/libnftables.h
index ff7b47aa3160..bef0c83f74c3 100644
--- a/include/nftables/libnftables.h
+++ b/include/nftables/libnftables.h
@@ -52,6 +52,7 @@ enum {
 	NFT_CTX_OUTPUT_JSON		= (1 << 4),
 	NFT_CTX_OUTPUT_ECHO		= (1 << 5),
 	NFT_CTX_OUTPUT_GUID		= (1 << 6),
+	NFT_CTX_OUTPUT_NUMERIC_PROTOCOL	= (1 << 7),
 };
 
 unsigned int nft_ctx_output_get_flags(struct nft_ctx *ctx);
diff --git a/src/datatype.c b/src/datatype.c
index 48eaca277757..2e957e60bb71 100644
--- a/src/datatype.c
+++ b/src/datatype.c
@@ -564,7 +564,7 @@ static void inet_protocol_type_print(const struct expr *expr,
 {
 	struct protoent *p;
 
-	if (octx->numeric < NFT_NUMERIC_ALL) {
+	if (!nft_output_numeric_protocol(octx)) {
 		p = getprotobynumber(mpz_get_uint8(expr->value));
 		if (p != NULL) {
 			nft_print(octx, "%s", p->p_name);
diff --git a/src/main.c b/src/main.c
index 7b253dd53f93..f30490fdce8e 100644
--- a/src/main.c
+++ b/src/main.c
@@ -40,10 +40,11 @@ enum opt_vals {
 	OPT_HANDLE_OUTPUT	= 'a',
 	OPT_ECHO		= 'e',
 	OPT_GUID		= 'u',
+	OPT_NUMERIC_PROTOCOL	= 'p',
 	OPT_INVALID		= '?',
 };
 
-#define OPTSTRING	"hvcf:iI:jvnsNaeSu"
+#define OPTSTRING	"hvcf:iI:jvnsNaeSup"
 
 static const struct option options[] = {
 	{
@@ -285,6 +286,9 @@ int main(int argc, char * const *argv)
 		case OPT_GUID:
 			output_flags |= NFT_CTX_OUTPUT_GUID;
 			break;
+		case OPT_NUMERIC_PROTOCOL:
+			output_flags |= NFT_CTX_OUTPUT_NUMERIC_PROTOCOL;
+			break;
 		case OPT_INVALID:
 			exit(EXIT_FAILURE);
 		}
-- 
2.11.0
[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux